GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
111,620 advisories
Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not validate file attributes or...
High, Unreviewed. CVE-2024-46917 was published Aug 29, 2025

Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains functionality that allows the...
High, Unreviewed. CVE-2024-46916 was published Aug 29, 2025

Harness Allows Arbitrary File Write in Gitness LFS server
High. CVE-2025-58158 was published for github.com/harness/gitness (Go) Aug 29, 2025

Versity panic induced by AWS chunked data sent to port
High. GHSA-v2ch-c8v8-fgr7 was published for github.com/versity/versitygw (Go) Aug 29, 2025

Rancher affected by unauthenticated Denial of Service
High. CVE-2024-58259 was published for github.com/rancher/rancher (Go) Aug 29, 2025

The Booster for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to...
High, Unreviewed. CVE-2024-13342 was published Aug 29, 2025

Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If...
High, Unreviewed. CVE-2025-53508 was published Aug 29, 2025

Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information...
High, Unreviewed. CVE-2025-53507 was published Aug 29, 2025

The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading vulnerability, allowing...
High, Unreviewed. CVE-2025-9639 was published Aug 29, 2025

Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing...
High, Unreviewed. CVE-2025-8858 was published Aug 29, 2025

A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the...
High, Unreviewed. CVE-2025-9605 was published Aug 29, 2025

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges...
High, Unreviewed. CVE-2025-58323 was published Aug 29, 2025

There is an Access Control Vulnerability in some HikCentral Professional versions. This could...
High, Unreviewed. CVE-2025-39247 was published Aug 29, 2025

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14...
High, Unreviewed. CVE-2025-43187 was published Aug 29, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High, Unreviewed. CVE-2025-43268 was published Aug 29, 2025

CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw
This vulnerability...
High, Unreviewed. CVE-2025-40927 was published Aug 29, 2025

HashiCorp Vault Community Edition Denial of Service Though Complex JSON Payloads
High. CVE-2025-6203 was published for github.com/hashicorp/vault (Go) Aug 28, 2025

Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function...
High, Unreviewed. CVE-2025-57215 was published Aug 28, 2025

In JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users without appropriate...
High, Unreviewed. CVE-2025-58334 was published Aug 28, 2025

Nagios XI < 2024R1.3.2 contains a remote code execution vulnerability by chaining two flaws: an...
High, Unreviewed. CVE-2024-13986 was published Aug 28, 2025

Contrast leaks workload secrets to logs on INFO level
High. GHSA-vxg3-w9rv-rhr2 was published for github.com/edgelesssys/contrast (Go) Aug 28, 2025

Volto affected by possible DoS by invoking specific URL by anonymous user
High. CVE-2025-58047 was published for @plone/volto (npm) Aug 28, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High, Unreviewed. CVE-2025-53588 was published Aug 28, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High, Unreviewed. CVE-2025-53576 was published Aug 28, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High, Unreviewed. CVE-2025-53334 was published Aug 28, 2025
ProTip! Advisories are also available from the GraphQL API.